cert-management icon indicating copy to clipboard operation
cert-management copied to clipboard

Published 20 hours ago verified publisher icon gardener

create self-signed certificates for local domains

Open jkleinlercher opened this issue 8 months ago • 3 comments

What would you like to be added:

Gardener Cert-Manager Issuer should be able to create self-signed certificates.

Why is this needed:

We use the project Kargo and there in https://github.com/akuity/kargo/blob/main/charts/kargo/templates/webhooks-server/cert.yaml a certificate for dnsName "kargo-webhooks-server.{{ .Release.Namespace }}.svc" is created, to enable a TLS connection between the Kubernetes-API server and this admissioncontroller webhook.

The Project normally creates its own issuer to create a selfSigned certificate: https://github.com/akuity/kargo/blob/main/charts/kargo/templates/common/cert-issuer.yaml

Look at .spec.selfSigned

So we do not want to install cert-manager but use the gardener cert-manager to create a certificate. However, I didn't find a way to create self-signed certificates the way the cert-manager does.

Maybe someone can explain how to achieve this with the current features of gardener cert-management?

jkleinlercher avatar Jun 25 '24 19:06 jkleinlercher